Category FILE
Started On 2014-07-04 02:42:54
Completed On 2014-07-04 02:46:33
Duration 219 seconds
Cuckoo Version 1.2-dev

Machine machine4
Label xpmachine4
Manager VirtualBox
Started On 2014-07-04 02:42:55
Shutdown On 2014-07-04 02:46:32

File Details

File name Notification_72384792387498237989237498237498.exe
File size 111616 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 E218A1A6
MD5 b8fddb0db6689c17e68d7a73e7ad9ff2
SHA1 b1056904cda225620a8b34a98e57eb6fd05fda8f
SHA256 e0a0e69df69d2d6c10d7c1436dc775f83dad9a6c08fe61c92c420840cb08180b
SHA512 edf58c0591e97ff5f67b514bfb5a5c24219f50ac3687bb546a3aa528e86af7088f3646bb58c4c53b6e1925cdb7f1b0a556c391a94aaf759592ab5e73e8c40f50
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal Scan Date: 2014-07-04 06:45:54
VirusTotal Detection Rate: 3/54

Signatures

File has been identified by at least one AntiVirus on VirusTotal as malicious
Installs itself for autorun at Windows startup

Static Analysis

Version Infos

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

Behavior Summary

Files
  • C:\
Mutexes Nothing to display.
Registry Keys
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Disk\Enum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall

Processes

Notification_72384792387498237989237498237498.exe PID: 972, Parent PID: 416

Volatility

Nothing to display.